This ISO Standard has within it an element (8) which was created with the intention of it covering a host of features which all together provide support for a mechanism which was designed to improve the overall performance of the management system. Internal audit is a piece of this set, but only a piece, yet is - in all likelihood, the only aspect which is apparent to an average individual. Internal audit is significant, not because of the results it delivers but because the ongoing registration process for ISO9001 companies ensures that Internal Audit is subject to regular scrutiny. It’s our point of view that the impact of internal audit on the majority of companies is minimal - and in most cases, to the point of being a complete waste of time. Primarily this is due not to the concept of audit, but the manner in which it is managed and conducted.

Speaking generally, quality management functions are accepted reluctantly rather than being welcomed with open arms. They have become a fundamental part of the usual cost of doing business, mostly due to the failure of the systems to bring forth any solid benefit past the marketing advantage which is said to come from the registered status of the organisations. A calm examination of the detailed requirements built into the Standard should provide the assurance that the benefits of a controlled work environment will be achieved by following this text in a manner that matches the specific nature and ethos of the organisation. But it just doesn’t happen. More to the point, it doesn’t seem to put forth evidence of unfailing benefits for the adoption of the standard anywhere near often enough.

With a Standard that is International in both origin and application, how can this be? To understand this it is necessary to examine the role of those who see their role as one of policing the management system. Usually holding the title of Quality Manager, this person (sometimes with an entire team of assistants) is the one who is primarily responsible for the integrity of the documented system, and implicitly at least for the overall quality of the resulting product or service. Quality Managers have their roots in a manufacturing function whose equivalent would have been the Chief Inspector. The name in itself displays a fairly clear indication of the status - perceived or real, of this particular person. He was unquestionably the final authority regarding the acceptable quality of the company’s product. Acceptance or Rejection was entirely at his discretion. Without having physically been there, to many of today’s quality managers behave in much the same way. With little real understanding or appreciation of the management function, and certainly not the executive role, they fail to speak the language of their local leaders, with clear consequences.

It’s the responsibility of management to outline organisational objectives and policies, and management will organise - or have organised for them, specific systems to uphold these policies and objectives. Their need, although rarely put forward, is for some form of assurance that the systems are generating the specific controls and ongoing benefits they planned for. They need reassurance. The Internal Audit should provide information specific to the operation of the management system and focussed on this management need, but it seldom works that way. For the most part, the reports of internal audit activity contain a multitude of trivial failings packaged as ‘non-conformance’, frequently to a requirement that is not specified or is imaginary, and having little bearing on the needs of management. Is it surprising that Internal Audit is seen as a necessary evil, conducted to satisfy the ISO auditor, but having little relevance to life in the real world of commerce and industry?

When material such as this is provided to managers who see no real value in the investment, it is not just the audit that is ignored but the perpetrators of the audit also. A direct consequence of this failure to identify the audit customer’s need is a rejection of much that has a Quality Management implication. Managers and quality department staff universally complain of lack of management commitment (an ISO9001 requirement), and a general lack of personal advancement opportunities. But improvement is possible, even radical improvement, and it requires a change in strategy for both Executive Managers and those purporting to be Quality Professionals.

The change process:

1. The organisation must recognise that every manager and employee has a responsibility to perform in accordance with the requirements laid down for their work. Nobody else can be responsible for the quality of this work.

2. The title Quality Managers is clearly not a true indication of the function of this individual. Holding the QM responsible for a failure in product of service is clearly wrong unless that delivery was by its nature part of his (or her) normal function.

3. Internal audits should be a recognisable independent assessment of each business function, carried for the function’s manager and reported to that individual alone. (The functional managers have the responsibility for achieving a selection of business objectives, and it is they who need the information to support these objectives).

4. It follows that the auditors, while being independent of the function being audited, should also understand the role and responsibilities of senior managers, and speak at that level.

5. These changes require the dissolution of the existing audit regime, and some re-education of the management team who are responsible for allowing the adverse situation to exist.

6. Professional auditors with a wider experience than that obtainable within one or a limited number of organisations alone can provide the assurance and service level needed by an effective management team.

Ed. Bones is an IRCA registered Lead Auditor, a chartered quality professional, and a senior partner with The Meon Consulting Group, delivering expert audit and consultant services for ISO9001 & ISO14001 management systems. The company web site provides detailed information on various topics, and includes the generous offer of FREE Advice.

1. Gaining an understanding regarding an Internal Environmental Management System Audit Total Quality Management plays a Significant Role in the Business...
2. Continual Improvement: Explained A prevalent point of view of the requirement ‘continual improvement’...
3. Contract Review and ISO 9001: Explained In an attempt to define an effective set of management...
4. Now That You’re Hit With An Ecommerce Tax Audit One of citizens’ greatest concerns is the threat of an...
5. Outsourcing Work - Misunderstandings Explained Negative views on outsourcing originate totally in down to the...